Issue No. 01 - January/February (2008 vol. 6)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2008.21
Edward Bonver , Symantec
Testing (security testing in particular) on internal tools should be incorporated into the QA process. A responsible software company shouldn't produce insecure software, regardless of whether this software is meant for internal use only.
software security, testing, Building Security In
Edward Bonver, "Security Testing of Internal Tools", IEEE Security & Privacy, vol. 6, no. , pp. 81-83, January/February 2008, doi:10.1109/MSP.2008.21